<?php
/*-----------------------------------------------------------------
！！！！警告！！！！
以下为系统文件，请勿修改
-----------------------------------------------------------------*/

//不能非法包含或直接执行
if (!defined("IN_BAIGO")) {
    exit("Access Denied");
}

require(BG_PATH_FUNC . "mail.func.php");

/*-------------个人接口-------------*/
class CONTROL_API_PROFILE {

    function __construct() { //构造函数
        $this->obj_base = $GLOBALS["obj_base"]; //获取界面类型
        $this->config   = $this->obj_base->config;

        $this->obj_api  = new CLASS_API();
        //$this->obj_api->chk_install();

        $this->log      = $this->obj_api->log;

        $this->mail     = require(BG_PATH_LANG . $this->config["lang"] . "/mail.php");

        $this->obj_crypt    = $this->obj_api->obj_crypt;
        $this->obj_sign     = $this->obj_api->obj_sign;

        $this->mdl_user_profile = new MODEL_USER_PROFILE();
        $this->mdl_verify       = new MODEL_VERIFY();
    }


    /**
     * ctrl_edit function.
     *
     * @access public
     * @return void
     */
    function ctrl_info() {
        $_arr_apiChks = $this->obj_api->app_chk("post");
        if ($_arr_apiChks["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_apiChks);
        }

        $_arr_infoInput = $this->mdl_user_profile->input_info();
        if ($_arr_infoInput["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_infoInput);
        }

        $_arr_sign = array(
            "act"                       => $GLOBALS["act"],
            $_arr_infoInput["user_by"]  => $_arr_infoInput["user_str"],
            "user_pass"                 => $_arr_infoInput["user_pass"],
        );

        if (isset($_arr_infoInput["user_nick"]) && !fn_isEmpty($_arr_infoInput["user_nick"])) {
            $_arr_sign["user_nick"] = $_arr_infoInput["user_nick"];
        }

        if (isset($_arr_infoInput["user_contactStr"]) && !fn_isEmpty($_arr_infoInput["user_contactStr"])) {
            $_arr_sign["user_contact"] = $_arr_infoInput["user_contactStr"];
        }

        if (isset($_arr_infoInput["user_extendStr"]) && !fn_isEmpty($_arr_infoInput["user_extendStr"])) {
            $_arr_sign["user_extend"] = $_arr_infoInput["user_extendStr"];
        }

        //print_r($_arr_infoInput);
        //print_r(array_merge($_arr_apiChks["appInput"], $_arr_sign));

        if (!$this->obj_sign->sign_check(array_merge($_arr_apiChks["appInput"], $_arr_sign), $_arr_apiChks["appInput"]["signature"])) {
            $_arr_tplData = array(
                "rcode" => "x050403",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        $_arr_userRow = $this->mdl_user_profile->mdl_read($_arr_infoInput["user_str"], $_arr_infoInput["user_by"]);
        if ($_arr_userRow["rcode"] != "y010102") {
            $this->obj_api->show_result($_arr_userRow);
        }

        if ($_arr_userRow["user_status"] == "disable") {
            $_arr_tplData = array(
                "rcode" => "x010401",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        switch($_arr_userRow["user_crypt_type"]) {
            case 0:
            case 1:
                $_str_crypt = fn_baigoCrypt($_arr_infoInput["user_pass"], $_arr_userRow["user_rand"], true, $_arr_userRow["user_crypt_type"]);
            break;

            default:
                $_str_crypt = fn_baigoCrypt($_arr_infoInput["user_pass"], $_arr_userRow["user_name"], true);
            break;
        }

        if ($_str_crypt != $_arr_userRow["user_pass"]) {
            $_arr_tplData = array(
                "rcode" => "x010213",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        $_arr_userSubmit["user_id"] = $_arr_userRow["user_id"];

        $_arr_returnRow              = $this->mdl_user_profile->mdl_info($_arr_userSubmit);

        $this->obj_api->notify_result($_arr_returnRow, "edit");

        $_arr_tplData = array(
            "rcode" => $_arr_returnRow["rcode"],
        );
        $this->obj_api->show_result($_arr_tplData);
    }


    function ctrl_pass() {
        $_arr_apiChks = $this->obj_api->app_chk("post");
        if ($_arr_apiChks["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_apiChks);
        }

        $_arr_passInput = $this->mdl_user_profile->input_pass();
        if ($_arr_passInput["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_passInput);
        }

        $_arr_sign = array(
            "act"                       => $GLOBALS["act"],
            $_arr_passInput["user_by"]  => $_arr_passInput["user_str"],
            "user_pass"                 => $_arr_passInput["user_pass"],
            "user_pass_new"             => $_arr_passInput["user_pass_new"],
        );

        if (!$this->obj_sign->sign_check(array_merge($_arr_apiChks["appInput"], $_arr_sign), $_arr_apiChks["appInput"]["signature"])) {
            $_arr_tplData = array(
                "rcode" => "x050403",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        $_arr_userRow = $this->mdl_user_profile->mdl_read($_arr_passInput["user_str"], $_arr_passInput["user_by"]);
        if ($_arr_userRow["rcode"] != "y010102") {
            $this->obj_api->show_result($_arr_userRow);
        }

        if ($_arr_userRow["user_status"] == "disable") {
            $_arr_tplData = array(
                "rcode" => "x010401",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        switch($_arr_userRow["user_crypt_type"]) {
            case 0:
            case 1:
                $_str_crypt = fn_baigoCrypt($_arr_passInput["user_pass"], $_arr_userRow["user_rand"], true, $_arr_userRow["user_crypt_type"]);
            break;

            default:
                $_str_crypt = fn_baigoCrypt($_arr_passInput["user_pass"], $_arr_userRow["user_name"], true);
            break;
        }

        if ($_str_crypt != $_arr_userRow["user_pass"]) {
            $_arr_tplData = array(
                "rcode" => "x010244",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        $_str_userPass  = fn_baigoCrypt($_arr_passInput["user_pass_new"], $_arr_userRow["user_name"], true);
        $_arr_returnRow = $this->mdl_user_profile->mdl_pass($_arr_userRow["user_id"], $_str_userPass);

        $_arr_tplData = array(
            "rcode" => $_arr_returnRow["rcode"],
        );
        $this->obj_api->show_result($_arr_tplData);
    }


    function ctrl_qa() {
        $_arr_apiChks = $this->obj_api->app_chk("post");
        if ($_arr_apiChks["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_apiChks);
        }

        $_arr_qaInput = $this->mdl_user_profile->input_qa();
        if ($_arr_qaInput["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_qaInput);
        }

        $_arr_sign = array(
            "act"                       => $GLOBALS["act"],
            $_arr_qaInput["user_by"]    => $_arr_qaInput["user_str"],
            "user_pass"                 => $_arr_qaInput["user_pass"],
        );

        for ($_iii = 1; $_iii <= 3; $_iii++) {
            $_arr_sign["user_sec_ques_" . $_iii] = $_arr_qaInput["user_sec_ques_" . $_iii];
            $_arr_sign["user_sec_answ_" . $_iii] = $_arr_qaInput["user_sec_answ_" . $_iii];
        }

        if (!$this->obj_sign->sign_check(array_merge($_arr_apiChks["appInput"], $_arr_sign), $_arr_apiChks["appInput"]["signature"])) {
            $_arr_tplData = array(
                "rcode" => "x050403",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        $_arr_userRow = $this->mdl_user_profile->mdl_read($_arr_qaInput["user_str"], $_arr_qaInput["user_by"]);
        if ($_arr_userRow["rcode"] != "y010102") {
            $this->obj_api->show_result($_arr_userRow);
        }

        if ($_arr_userRow["user_status"] == "disable") {
            $_arr_tplData = array(
                "rcode" => "x010401",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        switch($_arr_userRow["user_crypt_type"]) {
            case 0:
            case 1:
                $_str_crypt = fn_baigoCrypt($_arr_qaInput["user_pass"], $_arr_userRow["user_rand"], true, $_arr_userRow["user_crypt_type"]);
            break;

            default:
                $_str_crypt = fn_baigoCrypt($_arr_qaInput["user_pass"], $_arr_userRow["user_name"], true);
            break;
        }

        if ($_str_crypt != $_arr_userRow["user_pass"]) {
            $_arr_tplData = array(
                "rcode" => "x010244",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        $_arr_userSubmit["user_id"] = $_arr_userRow["user_id"];

        for ($_iii = 1; $_iii <= 3; $_iii++) {
            $_arr_userSubmit["user_sec_ques_" . $_iii] = $_arr_qaInput["user_sec_ques_" . $_iii];
            $_arr_userSubmit["user_sec_answ_" . $_iii] = fn_baigoCrypt($_arr_qaInput["user_sec_answ_" . $_iii], $_arr_userRow["user_name"]);
        }

        $_arr_returnRow = $this->mdl_user_profile->mdl_qa($_arr_userSubmit);

        $_arr_tplData = array(
            "rcode" => $_arr_returnRow["rcode"],
        );
        $this->obj_api->show_result($_arr_tplData);
    }


    /**
     * ctrl_change function.
     *
     * @access public
     * @return void
     */
    function ctrl_mailbox() {
        $_arr_apiChks = $this->obj_api->app_chk("post");
        if ($_arr_apiChks["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_apiChks);
        }

        $_arr_mailboxInput = $this->mdl_user_profile->input_mailbox();
        if ($_arr_mailboxInput["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_mailboxInput);
        }

        $_arr_sign = array(
            "act"                           => $GLOBALS["act"],
            $_arr_mailboxInput["user_by"]   => $_arr_mailboxInput["user_str"],
            "user_pass"                     => $_arr_mailboxInput["user_pass"],
            "user_mail_new"                 => $_arr_mailboxInput["user_mail_new"],
        );

        if (!$this->obj_sign->sign_check(array_merge($_arr_apiChks["appInput"], $_arr_sign), $_arr_apiChks["appInput"]["signature"])) {
            $_arr_tplData = array(
                "rcode" => "x050403",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        $_arr_userRow = $this->mdl_user_profile->mdl_read($_arr_mailboxInput["user_str"], $_arr_mailboxInput["user_by"]);
        if ($_arr_userRow["rcode"] != "y010102") {
            $this->obj_api->show_result($_arr_userRow);
        }

        if ($_arr_userRow["user_status"] == "disable") {
            $_arr_tplData = array(
                "rcode" => "x010401",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        if ($_arr_mailboxInput["user_mail_new"] == $_arr_userRow["user_mail"]) {
            $_arr_tplData = array(
                "rcode" => "x010223",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        switch($_arr_userRow["user_crypt_type"]) {
            case 0:
            case 1:
                $_str_crypt = fn_baigoCrypt($_arr_mailboxInput["user_pass"], $_arr_userRow["user_rand"], true, $_arr_userRow["user_crypt_type"]);
            break;

            default:
                $_str_crypt = fn_baigoCrypt($_arr_mailboxInput["user_pass"], $_arr_userRow["user_name"], true);
            break;
        }

        if ($_str_crypt != $_arr_userRow["user_pass"]) {
            $_arr_tplData = array(
                "rcode" => "x010213",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        if ((BG_REG_ONEMAIL == "false" || BG_LOGIN_MAIL == "on") && isset($_arr_mailboxInput["user_mail_new"]) && $_arr_mailboxInput["user_mail_new"]) {
            $_arr_userRowChk = $this->mdl_user_profile->mdl_read($_arr_mailboxInput["user_mail_new"], "user_mail", $_arr_userRow["user_id"]); //检查邮箱
            if ($_arr_userRowChk["rcode"] == "y010102") {
                $_arr_tplData = array(
                    "rcode" => "x010211",
                );
                $this->obj_api->show_result($_arr_tplData);
            }
        }

        //file_put_contents(BG_PATH_ROOT . "test.txt", $_str_userPass . "||" . $_str_rand);

        if (BG_REG_CONFIRM == "on") {
            $_arr_returnRow    = $this->mdl_verify->mdl_submit($_arr_userRow["user_id"], $_arr_mailboxInput["user_mail_new"], "mailbox");
            if ($_arr_returnRow["rcode"] != "y120101" && $_arr_returnRow["rcode"] != "y120103") {
                $_arr_tplData = array(
                    "rcode" => "x010405",
                );
                $this->obj_api->show_result($_arr_tplData);
            }

            $_str_verifyUrl = BG_SITE_URL . BG_URL_MY . "index.php?mod=profile&act=mailbox&verify_id=" . $_arr_returnRow["verify_id"] . "&verify_token=" . $_arr_returnRow["verify_token"];
            $_str_url       = "<a href=\"" . $_str_verifyUrl . "\">" . $_str_verifyUrl . "</a>";
            $_str_html      = str_ireplace("{verify_url}", $_str_url, $this->mail["mailbox"]["content"]);
            $_str_html      = str_ireplace("{user_name}", $_arr_userRow["user_name"], $_str_html);
            $_str_html      = str_ireplace("{user_mail}", $_arr_userRow["user_mail"], $_str_html);
            $_str_html      = str_ireplace("{user_mail_new}", $_arr_mailboxInput["user_mail_new"], $_str_html);

            if (fn_mailSend($_arr_mailboxInput["user_mail_new"], $this->mail["mailbox"]["subject"], $_str_html)) {
                $_arr_returnRow["rcode"] = "y010406";
            } else {
                $_arr_returnRow["rcode"] = "x010406";
            }

            unset($_arr_returnRow["verify_id"], $_arr_returnRow["verify_token"]);
        } else {
            $_arr_returnRow = $this->mdl_user_profile->mdl_mailbox($_arr_userRow["user_id"], $_arr_mailboxInput["user_mail_new"]);

            $this->obj_api->notify_result($_arr_returnRow, "mailbox");
        }

        $_arr_returnRow["user_id"]      = $_arr_userRow["user_id"];
        $_arr_returnRow["user_name"]    = $_arr_userRow["user_name"];

        $_arr_tplData = array(
            "rcode" => $_arr_returnRow["rcode"],
        );
        $this->obj_api->show_result($_arr_tplData);
    }


    function ctrl_token() {
        $_arr_apiChks = $this->obj_api->app_chk("post");
        if ($_arr_apiChks["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_apiChks);
        }

        $_arr_tokenInput = $this->mdl_user_profile->input_token("post");
        if ($_arr_tokenInput["rcode"] != "ok") {
            $this->obj_api->show_result($_arr_tokenInput);
        }

        $_arr_sign = array(
            "act"                       => $GLOBALS["act"],
            $_arr_tokenInput["user_by"] => $_arr_tokenInput["user_str"],
            "user_refresh_token"        => $_arr_tokenInput["user_refresh_token"],
        );

        if (!$this->obj_sign->sign_check(array_merge($_arr_apiChks["appInput"], $_arr_sign), $_arr_apiChks["appInput"]["signature"])) {
            $_arr_tplData = array(
                "rcode" => "x050403",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        $_arr_userRow = $this->mdl_user_profile->mdl_read($_arr_tokenInput["user_str"], $_arr_tokenInput["user_by"]);
        if ($_arr_userRow["rcode"] != "y010102") {
            $this->obj_api->show_result($_arr_userRow);
        }

        if ($_arr_userRow["user_status"] == "disable") {
            $_arr_tplData = array(
                "rcode" => "x010401",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        if ($_arr_userRow["user_refresh_expire"] < time()) {
            $_arr_tplData = array(
                "rcode" => "x010235",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        if ($_arr_tokenInput["user_refresh_token"] != md5(fn_baigoCrypt($_arr_userRow["user_refresh_token"], $_arr_userRow["user_name"]))) {
            $_arr_tplData = array(
                "rcode" => "x010234",
            );
            $this->obj_api->show_result($_arr_tplData);
        }

        //print_r($_arr_userRow);

        $_arr_tokenRefresh = $this->mdl_user_profile->mdl_token($_arr_userRow["user_id"], $_arr_userRow["user_name"]);

        unset($_arr_userRow["user_pass"], $_arr_userRow["user_note"]);

        $_arr_returnRow = array(
            "user_id"               => $_arr_userRow["user_id"],
            "user_access_token"     => $_arr_tokenRefresh["user_access_token"],
            "user_access_expire"    => $_arr_tokenRefresh["user_access_expire"],
        );

        //unset($_arr_returnRow["rcode"]);
        $_str_src   = $this->obj_api->encode_result($_arr_returnRow);
        $_str_code  = $this->obj_crypt->encrypt($_str_src, fn_baigoCrypt($_arr_apiChks["appRow"]["app_key"], $_arr_apiChks["appRow"]["app_name"]));

        $_arr_tplData = array(
            "code"   => $_str_code,
            "rcode"  => "y010411",
        );

        $this->obj_api->show_result($_arr_tplData);
    }
}
